Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/6liOlPFmZGdM4IMrLOzGhsoDmzY.roa
File: 6liOlPFmZGdM4IMrLOzGhsoDmzY.roa (raw, json)
Hash identifier: mO21PIIrqYtzDaIgi99Hy48CLyrd+55utDTYdlAu09Q=
Subject key identifier: EA:58:8E:94:F1:66:64:67:4C:E0:83:2B:2C:EC:C6:86:CA:03:9B:36
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 01917F42634AFBC73A24FE0B8BC02A400DA4
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/6liOlPFmZGdM4IMrLOzGhsoDmzY.roa
Signing time: Fri 23 Aug 2024 12:42:22 +0000
ROA not before: Fri 23 Aug 2024 12:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197540
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.12.0/22 maxlen: 24
152.53.16.0/22 maxlen: 24
152.53.20.0/22 maxlen: 24
152.53.32.0/22 maxlen: 24
152.53.44.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.64.0/22 maxlen: 24
152.53.100.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 03 Sep 2024 06:58:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7f:42:63:4a:fb:c7:3a:24:fe:0b:8b:c0:2a:40:0d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Aug 23 12:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea588e94f16664674ce0832b2cecc686ca039b36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c3:f4:79:85:4b:cc:8c:15:c1:a3:06:f2:d2:
cd:44:8f:1f:f8:a2:21:1e:36:56:08:f7:0f:8a:b9:
28:1c:b9:d3:b2:e9:9a:23:fd:ef:8e:ee:9a:da:cf:
cb:02:f2:31:b5:76:ce:d5:2f:71:b8:51:9b:67:5c:
b5:a0:bc:e0:fb:2c:b0:57:fc:1e:0e:ae:73:28:b0:
37:c2:72:4a:d9:f9:f2:d2:63:22:8e:6a:f7:7f:ba:
05:50:b0:37:ed:1f:d9:24:e1:79:ac:a4:ff:d2:3b:
ba:b0:c9:81:16:ec:55:76:b0:ec:30:bb:f8:03:e6:
f0:ea:96:2a:5d:75:ab:bb:36:b3:4e:a1:b8:ac:76:
51:79:ae:61:2f:5d:5d:bd:e1:23:a3:01:8e:07:13:
20:63:19:a6:48:6f:04:26:93:c5:56:47:e6:d9:34:
f4:a6:9d:a7:ef:05:b5:c3:08:0a:48:df:26:41:d5:
89:16:2c:74:60:ef:be:5a:6d:95:35:7c:51:21:84:
71:a4:92:7a:fe:3b:79:38:9e:4c:6c:72:40:1a:ee:
27:1f:95:f8:3a:22:8f:3c:11:26:ce:f3:a6:7c:41:
4f:68:1e:40:9e:e0:26:e0:e1:5f:25:cb:1e:b5:3f:
b0:22:8c:68:a0:1e:85:e9:33:b2:c6:87:c4:13:69:
d3:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:58:8E:94:F1:66:64:67:4C:E0:83:2B:2C:EC:C6:86:CA:03:9B:36
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/6liOlPFmZGdM4IMrLOzGhsoDmzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
60:eb:aa:a7:31:97:e0:81:85:c7:cb:20:6a:79:cc:67:32:42:
02:42:32:9c:4f:d5:9b:05:53:7f:26:e8:1d:c1:ba:e0:6c:6f:
54:b7:0f:83:cb:5b:71:ac:f8:a4:3d:53:e1:50:6e:17:5c:00:
c2:f5:ba:7d:98:f7:7d:da:cc:f3:78:ce:12:0b:0b:82:77:81:
ff:c2:1c:33:39:93:c0:ec:c5:eb:b8:1e:08:57:e2:46:68:a8:
00:6e:c2:3b:0f:00:53:14:5a:34:73:80:d3:9f:5a:71:18:e7:
ed:ca:de:f8:c9:4e:fb:da:5e:00:fd:bc:95:19:c2:53:a7:0c:
f7:b3:35:e5:cf:25:7c:ba:02:79:c1:a1:fb:49:3f:21:fa:5b:
1e:51:fe:7d:5c:f7:94:41:0f:0b:54:db:68:d8:f8:46:c7:b6:
da:57:64:43:bb:1f:6d:c6:86:0a:dd:26:70:b4:c6:96:6d:ae:
3a:3a:ed:08:6d:fa:92:12:8b:4a:05:0b:ff:89:9e:8e:e5:d0:
0c:be:21:9d:82:e8:73:06:35:6a:01:7e:c0:4f:95:9c:db:fd:
e9:4b:71:ec:10:e8:97:f1:4d:c6:0b:fd:d1:13:62:13:5c:8e:
41:81:eb:9c:fc:8e:bd:1b:09:86:76:cb:3a:44:a5:c8:ce:d2:
11:c7:ff:14
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZF/QmNK+8c6JP4Li8AqQA2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQwODIzMTI0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTU4OGU5NGYxNjY2NDY3NGNlMDgzMmIyY2VjYzY4NmNhMDM5YjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMP0eYVLzIwVwaMG8tLNRI8f+KIh
HjZWCPcPirkoHLnTsumaI/3vju6a2s/LAvIxtXbO1S9xuFGbZ1y1oLzg+yywV/we
Dq5zKLA3wnJK2fny0mMijmr3f7oFULA37R/ZJOF5rKT/0ju6sMmBFuxVdrDsMLv4
A+bw6pYqXXWruzazTqG4rHZRea5hL11dveEjowGOBxMgYxmmSG8EJpPFVkfm2TT0
pp2n7wW1wwgKSN8mQdWJFix0YO++Wm2VNXxRIYRxpJJ6/jt5OJ5MbHJAGu4nH5X4
OiKPPBEmzvOmfEFPaB5AnuAm4OFfJcsetT+wIoxooB6F6TOyxofEE2nTbwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFOpYjpTxZmRnTOCDKyzsxobKA5s2MB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvNmxpT2xQRm1aR2RNNElNckxPekdoc29EbXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAGDrqqcxl+CBhcfLIGp5zGcyQgJCMpxP1ZsFU38m6B3B
uuBsb1S3D4PLW3Gs+KQ9U+FQbhdcAML1un2Y933azPN4zhILC4J3gf/CHDM5k8Ds
xeu4HghX4kZoqABuwjsPAFMUWjRzgNOfWnEY5+3K3vjJTvvaXgD9vJUZwlOnDPez
NeXPJXy6AnnBoftJPyH6Wx5R/n1c95RBDwtU22jY+EbHttpXZEO7H23GhgrdJnC0
xpZtrjo67Qht+pISi0oFC/+Jno7l0Ay+IZ2C6HMGNWoBfsBPlZzb/elLcewQ6Jfx
TcYL/dETYhNcjkGB65z8jr0bCYZ2yzpEpcjO0hHH/xQ=
-----END CERTIFICATE-----
Generated at Tue Sep 3 08:22:49 2024 by rpki-client on console-ams.rpki-client.org